CVE-2026-15407
Gravedad CVSS v3.1:
MEDIA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
16/07/2026
Última modificación:
16/07/2026
Descripción
*** Pendiente de traducción *** The Themify Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 7.7.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to overwrite or delete the generated CSS stylesheet file of arbitrary posts, including private and draft posts owned by other users, and modify plugin-scoped font options. The required CSRF nonce (tf_nonce) is emitted on public front-end builder pages via wp_localize_script, making it trivially obtainable by any authenticated user visiting such a page.
Impacto
Puntuación base 3.x
4.30
Gravedad 3.x
MEDIA
Referencias a soluciones, herramientas e información
- https://plugins.trac.wordpress.org/browser/themify-builder/tags/7.7.5/classes/class-themify-builder-stylesheet.php#L160
- https://plugins.trac.wordpress.org/browser/themify-builder/tags/7.7.5/classes/class-themify-builder-stylesheet.php#L17
- https://plugins.trac.wordpress.org/browser/themify-builder/tags/7.7.5/classes/class-themify-builder-stylesheet.php#L313
- https://plugins.trac.wordpress.org/browser/themify-builder/tags/7.7.5/classes/class-themify-builder-stylesheet.php#L69
- https://plugins.trac.wordpress.org/browser/themify-builder/tags/7.7.7/classes/class-themify-builder-stylesheet.php#L160
- https://plugins.trac.wordpress.org/browser/themify-builder/tags/7.7.7/classes/class-themify-builder-stylesheet.php#L17
- https://plugins.trac.wordpress.org/browser/themify-builder/tags/7.7.7/classes/class-themify-builder-stylesheet.php#L313
- https://plugins.trac.wordpress.org/browser/themify-builder/tags/7.7.7/classes/class-themify-builder-stylesheet.php#L69
- https://plugins.trac.wordpress.org/changeset?reponame=&old=3607906%40themify-builder&new=3607906%40themify-builder
- https://www.wordfence.com/threat-intel/vulnerabilities/id/b59e2773-31f0-4c19-b066-30982761bc44?source=cve



